71 #include "core/or/or_circuit_st.h"
75 #ifdef HAVE_SYS_STAT_H
79 #include <event2/event.h>
80 #include <event2/dns.h>
84 #define RESOLVE_MAX_TIMEOUT 300
104 const char *hostname,
113 #ifdef DEBUG_DNS_CACHE
114 static void assert_cache_ok_(
void);
115 #define assert_cache_ok() assert_cache_ok_()
117 #define assert_cache_ok() STMT_NIL
125 static uint64_t n_ipv6_requests_made = 0;
127 static uint64_t n_ipv6_timeouts = 0;
129 static int dns_is_broken_for_ipv6 = 0;
142 static inline unsigned int
145 return (
unsigned) siphash24g((
const uint8_t*)a->
address, strlen(a->
address));
157 HT_INIT(cache_map, &cache_root);
165 static int all_down = 0;
169 log_info(LD_EXIT,
"eventdns: Resolve requested.");
174 if (!
strcmpstart(msg,
"Nameserver ") && (cp=strstr(msg,
" has failed: "))) {
175 char *ns = tor_strndup(msg+11, cp-(msg+11));
176 const char *colon = strchr(cp,
':');
178 const char *err = colon+2;
184 "NAMESERVER_STATUS NS=%s STATUS=DOWN ERR=%s",
188 (cp=strstr(msg,
" is back up"))) {
189 char *ns = tor_strndup(msg+11, cp-(msg+11));
193 "NAMESERVER_STATUS NS=%s STATUS=UP", ns);
195 }
else if (!strcmp(msg,
"All nameservers have failed")) {
198 }
else if (!
strcmpstart(msg,
"Address mismatch on received DNS")) {
199 static ratelim_t mismatch_limit = RATELIM_INIT(3600);
200 const char *src = strstr(msg,
" Apparent source");
205 "eventdns: Received a DNS packet from "
206 "an IP address to which we did not send a request. This "
207 "could be a DNS spoofing attempt, or some kind of "
208 "misconfiguration.%s", src);
211 tor_log(severity, LD_EXIT,
"eventdns: %s", msg);
245 log_err(
LD_BUG,
"Couldn't create an evdns_base");
284 r->
magic = 0xFF00FF00;
295 if (a->
expire < b->expire)
297 else if (a->
expire == b->expire)
312 const char *answer_hostname,
315 if (query_type == DNS_PTR) {
319 if (dns_result == DNS_ERR_NONE && answer_hostname) {
320 resolve->result_ptr.hostname = tor_strdup(answer_hostname);
327 }
else if (query_type == DNS_IPv4_A) {
331 if (dns_result == DNS_ERR_NONE && answer_addr &&
340 }
else if (query_type == DNS_IPv6_AAAA) {
344 if (dns_result == DNS_ERR_NONE && answer_addr &&
375 resolve->
expire = expires;
395 for (ptr = HT_START(cache_map, &cache_root); ptr != NULL; ptr = next) {
397 next = HT_NEXT_RMV(cache_map, &cache_root, ptr);
400 HT_CLEAR(cache_map, &cache_root);
421 if (resolve->
expire > now)
429 "Expiring a dns resolve %s that's still pending. Forgot to "
430 "cull it? DNS resolve didn't tell us about the timeout?",
434 "Forgetting old cached resolve (address %s, expires %lu)",
436 (
unsigned long)resolve->
expire);
445 "Closing pending connections on timed-out DNS resolve!");
451 pendconn = pend->conn;
465 removed = HT_REMOVE(cache_map, &cache_root, resolve);
466 if (removed != resolve) {
467 log_err(
LD_BUG,
"The expired resolve we purged didn't match any in"
468 " the cache. Tried to purge %s (%p); instead got %s (%p).",
469 resolve->
address, (
void*)resolve,
470 removed ? removed->
address :
"NULL", (
void*)removed);
479 tor_free(resolve->result_ptr.hostname);
480 resolve->
magic = 0xF0BBF0BB;
489 #define RESOLVED_TYPE_AUTO 0xff
507 buf[0] = answer_type;
512 case RESOLVED_TYPE_AUTO:
514 cp[0] = RESOLVED_TYPE_IPV4;
522 cp[0] = RESOLVED_TYPE_IPV6;
524 memcpy(cp+2, bytes, 16);
532 answer_type = RESOLVED_TYPE_ERROR;
536 case RESOLVED_TYPE_ERROR_TRANSIENT:
537 case RESOLVED_TYPE_ERROR:
539 const char *errmsg =
"Error resolving hostname";
540 size_t msglen = strlen(errmsg);
542 buf[0] = answer_type;
544 strlcpy(buf+2, errmsg,
sizeof(buf)-2);
568 const char *hostname))
577 size_t namelen = strlen(hostname);
582 buf[0] = RESOLVED_TYPE_HOSTNAME;
583 buf[1] = (uint8_t)namelen;
584 memcpy(buf+2, hostname, namelen);
586 buflen = 2+namelen+4;
622 int made_connection_pending = 0;
623 char *hostname = NULL;
628 &made_connection_pending, &resolve);
661 (r == -1) ? RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
702 int *made_connection_pending_out,
710 time_t now = time(NULL);
716 *made_connection_pending_out = 0;
737 tor_log(LOG_PROTOCOL_WARN, LD_EXIT,
738 "Rejecting invalid destination address %s",
755 AF_UNSPEC, 0)) != 0) {
758 if (tor_addr_is_internal(&addr, 0))
762 if (!is_reverse || !is_resolve) {
764 log_info(LD_EXIT,
"Bad .in-addr.arpa address \"%s\"; sending error.",
766 else if (!is_resolve)
768 "Attempt to connect to a .in-addr.arpa address \"%s\"; "
781 resolve = HT_FIND(cache_map, &cache_root, &search);
782 if (resolve && resolve->
expire > now) {
783 switch (resolve->
state) {
786 pending_connection = tor_malloc_zero(
788 pending_connection->conn = exitconn;
791 *made_connection_pending_out = 1;
792 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") waiting "
793 "for pending DNS resolve of %s", exitconn->base_.
s,
797 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") found "
798 "cached answer for %s",
802 *resolve_out = resolve;
806 log_err(
LD_BUG,
"Found a 'DONE' dns resolve still in the cache.");
821 pending_connection->conn = exitconn;
823 *made_connection_pending_out = 1;
826 HT_INSERT(cache_map, &cache_root, resolve);
829 log_debug(LD_EXIT,
"Launching %s.",
855 char **hostname_out))
857 int ipv4_ok, ipv6_ok, answer_with_ipv4, r;
858 uint32_t begincell_flags;
866 *hostname_out = tor_strdup(resolve->result_ptr.hostname);
878 begincell_flags = exitconn->begincell_flags;
888 if (ipv4_ok && ipv6_ok && is_resolve) {
889 answer_with_ipv4 = 1;
890 }
else if (ipv4_ok && ipv6_ok) {
892 const uint16_t port = exitconn->base_.
port;
893 int ipv4_allowed, ipv6_allowed;
899 if (ipv4_allowed && !ipv6_allowed) {
900 answer_with_ipv4 = 1;
901 }
else if (ipv6_allowed && !ipv4_allowed) {
902 answer_with_ipv4 = 0;
906 answer_with_ipv4 = !(begincell_flags &
912 answer_with_ipv4 = 1;
913 }
else if (ipv6_ok) {
914 answer_with_ipv4 = 0;
917 answer_with_ipv4 = !(begincell_flags &
924 if (answer_with_ipv4) {
958 resolve = HT_FIND(cache_map, &cache_root, &search);
966 HT_FOREACH(resolve, cache_map, &cache_root) {
967 for (pend = (*resolve)->pending_connections; pend; pend = pend->next) {
988 resolve = HT_FIND(cache_map, &cache_root, &search);
990 log_notice(
LD_BUG,
"Address %s is not pending. Dropping.",
1000 if (pend->conn == conn) {
1003 log_debug(LD_EXIT,
"First connection (fd "TOR_SOCKET_T_FORMAT
") no "
1004 "longer waiting for resolve of %s",
1009 for ( ; pend->next; pend = pend->next) {
1010 if (pend->next->conn == conn) {
1011 victim = pend->next;
1012 pend->next = victim->next;
1015 "Connection (fd "TOR_SOCKET_T_FORMAT
") no longer waiting "
1016 "for resolve of %s",
1021 log_warn(
LD_BUG,
"Connection (fd "TOR_SOCKET_T_FORMAT
") was not waiting "
1022 "for a resolve of %s, but we tried to remove it.",
1042 resolve = HT_FIND(cache_map, &cache_root, &search);
1052 "Address %s is not pending but has pending connections!",
1061 "Address %s is pending but has no pending connections!",
1070 "Failing all connections waiting on DNS resolve of %s",
1075 pendconn = pend->conn;
1090 tmp = HT_REMOVE(cache_map, &cache_root, resolve);
1091 if (tmp != resolve) {
1092 log_err(
LD_BUG,
"The cancelled resolve we purged didn't match any in"
1093 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1094 resolve->
address, (
void*)resolve,
1095 tmp ? tmp->
address :
"NULL", (
void*)tmp);
1125 const char *hostname, uint32_t ttl)
1134 resolve = HT_FIND(cache_map, &cache_root, &search);
1138 log_info(LD_EXIT,
"Resolved unasked address %s; ignoring.",
1150 "Resolved %s which was already resolved; ignoring",
1156 cached_resolve_add_answer(resolve, query_type, dns_answer,
1157 addr, hostname, ttl);
1182 char *hostname = NULL;
1184 pendconn = pend->conn;
1209 RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
1264 removed = HT_REMOVE(cache_map, &cache_root, resolve);
1265 if (removed != resolve) {
1266 log_err(
LD_BUG,
"The pending resolve we found wasn't removable from"
1267 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1268 resolve->
address, (
void*)resolve,
1269 removed ? removed->
address :
"NULL", (
void*)removed);
1280 uint32_t ttl = UINT32_MAX;
1283 new_resolve->result_ptr.hostname =
1284 tor_strdup(resolve->result_ptr.hostname);
1289 HT_INSERT(cache_map, &cache_root, new_resolve);
1319 case DNS_ERR_SERVERFAILED:
1320 case DNS_ERR_TRUNCATED:
1321 case DNS_ERR_TIMEOUT:
1337 #ifdef HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR
1343 configured_nameserver_address(
const size_t idx)
1345 struct sockaddr_storage sa;
1346 ev_socklen_t sa_len =
sizeof(sa);
1349 (
struct sockaddr *)&sa,
1353 (
const struct sockaddr *)&sa,
1374 const char *conf_fname;
1381 conf_fname =
"/etc/resolv.conf";
1383 flags = DNS_OPTIONS_ALL;
1387 log_err(
LD_BUG,
"Couldn't create an evdns_base");
1394 log_debug(
LD_FS,
"stat()ing %s", conf_fname);
1395 int missing_resolv_conf = 0;
1399 log_warn(LD_EXIT,
"Unable to stat resolver configuration in '%s': %s",
1400 conf_fname, strerror(errno));
1401 missing_resolv_conf = 1;
1405 log_info(LD_EXIT,
"No change to '%s'", conf_fname);
1409 if (stat_res == 0 && st.st_size == 0)
1410 missing_resolv_conf = 1;
1416 #if defined(DNS_OPTION_HOSTSFILE) && defined(USE_LIBSECCOMP)
1417 if (flags & DNS_OPTION_HOSTSFILE) {
1418 flags ^= DNS_OPTION_HOSTSFILE;
1419 log_debug(
LD_FS,
"Loading /etc/hosts");
1425 if (!missing_resolv_conf) {
1426 log_info(LD_EXIT,
"Parsing resolver configuration in '%s'", conf_fname);
1429 log_warn(LD_EXIT,
"Unable to parse '%s', or no nameservers "
1430 "in '%s' (%d)", conf_fname, conf_fname, r);
1437 log_warn(LD_EXIT,
"Unable to find any nameservers in '%s'.",
1445 log_warn(LD_EXIT,
"Could not read your DNS config from '%s' - "
1446 "please investigate your DNS configuration. "
1447 "This is possibly a problem. Meanwhile, falling"
1448 " back to local DNS at 127.0.0.1.", conf_fname);
1462 log_warn(LD_EXIT,
"Could not config nameservers.");
1466 log_warn(LD_EXIT,
"Unable to find any platform nameservers in "
1467 "your Windows configuration.");
1477 #define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v))
1487 SET(
"max-timeouts:",
"1000000");
1489 SET(
"max-timeouts:",
"10");
1498 SET(
"max-inflight:",
"8192");
1504 SET(
"timeout:",
"5");
1505 SET(
"attempts:",
"3");
1508 SET(
"randomize-case:",
"1");
1510 SET(
"randomize-case:",
"0");
1542 uint8_t orig_query_type = arg_[0];
1543 char *string_address = arg_ + 1;
1545 const char *hostname = NULL;
1546 int was_wildcarded = 0;
1551 if (type == DNS_IPv6_AAAA) {
1552 if (result == DNS_ERR_TIMEOUT) {
1556 if (n_ipv6_timeouts > 10 &&
1557 n_ipv6_timeouts > n_ipv6_requests_made / 2) {
1558 if (! dns_is_broken_for_ipv6) {
1559 log_notice(LD_EXIT,
"More than half of our IPv6 requests seem to "
1560 "have timed out. I'm going to assume I can't get AAAA "
1562 dns_is_broken_for_ipv6 = 1;
1567 if (result == DNS_ERR_NONE) {
1568 if (type == DNS_IPv4_A && count) {
1570 char *escaped_address;
1571 uint32_t *addrs = addresses;
1578 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked "
1579 "address %s; treating as a failure.",
1580 safe_str(escaped_address),
1584 result = DNS_ERR_NOTEXIST;
1586 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1587 safe_str(escaped_address),
1591 }
else if (type == DNS_IPv6_AAAA && count) {
1593 char *escaped_address;
1595 struct in6_addr *addrs = addresses;
1598 sizeof(answer_buf));
1601 if (BUG(ip_str == NULL)) {
1602 log_warn(LD_EXIT,
"tor_inet_ntop() failed!");
1603 result = DNS_ERR_NOTEXIST;
1605 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked "
1606 "address %s; treating as a failure.",
1607 safe_str(escaped_address),
1611 result = DNS_ERR_NOTEXIST;
1613 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1614 safe_str(escaped_address),
1618 }
else if (type == DNS_PTR && count) {
1619 char *escaped_address;
1620 hostname = ((
char**)addresses)[0];
1622 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1623 safe_str(escaped_address),
1627 log_info(LD_EXIT,
"eventdns returned only unrecognized answer types "
1631 log_info(LD_EXIT,
"eventdns returned no addresses or error for %s.",
1635 if (was_wildcarded) {
1643 if (orig_query_type && type && orig_query_type != type) {
1644 log_warn(
LD_BUG,
"Weird; orig_query_type == %d but type == %d",
1645 (
int)orig_query_type, (
int)type);
1647 if (result != DNS_ERR_SHUTDOWN)
1649 result, &addr, hostname, ttl);
1662 : DNS_QUERY_NO_SEARCH;
1663 const size_t addr_len = strlen(address);
1664 struct evdns_request *req = 0;
1665 char *addr = tor_malloc(addr_len + 2);
1666 addr[0] = (char) query_type;
1667 memcpy(addr+1, address, addr_len + 1);
1669 switch (query_type) {
1677 ++n_ipv6_requests_made;
1683 DNS_QUERY_NO_SEARCH,
1688 DNS_QUERY_NO_SEARCH,
1691 log_warn(
LD_BUG,
"Called with PTR query and unexpected address family");
1694 log_warn(
LD_BUG,
"Called with unexpected query type %d", (
int)query_type);
1720 log_warn(LD_EXIT,
"(Harmless.) Nameservers not configured, but resolve "
1721 "launched. Configuring.");
1728 &a, resolve->
address, AF_UNSPEC, 0);
1732 log_info(LD_EXIT,
"Launching eventdns request for %s",
1739 resolve->res_status_ipv4 = 0;
1746 resolve->res_status_ipv6 = 0;
1750 }
else if (r == 1) {
1752 log_info(LD_EXIT,
"Launching eventdns reverse request for %s",
1756 resolve->res_status_hostname = 0;
1759 }
else if (r == -1) {
1760 log_warn(
LD_BUG,
"Somehow a malformed in-addr.arpa address reached here.");
1764 log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
"eventdns rejected address %s.",
1809 ip = tor_malloc_zero(
sizeof(
int));
1818 "Your DNS provider has given \"%s\" as an answer for %d different "
1819 "invalid addresses. Apparently they are hijacking DNS failures. "
1820 "I'll try to correct for this by treating future occurrences of "
1821 "\"%s\" as 'not found'.",
id, *ip,
id);
1835 int n, n_test_addrs;
1844 smartlist_len(
get_options()->ServerDNSTestAddresses) : 0;
1848 if (n > n_test_addrs/2) {
1850 LD_EXIT,
"Your DNS provider tried to redirect \"%s\" to a junk "
1851 "address. It has done this with %d test addresses so far. I'm "
1852 "going to stop being an exit node for now, since our DNS seems so "
1853 "broken.", address, n);
1868 void *addresses,
void *arg)
1873 if (result == DNS_ERR_NONE && count) {
1874 char *string_address = arg;
1876 if (type == DNS_IPv4_A) {
1877 const uint32_t *addrs = addresses;
1878 for (i = 0; i < count; ++i) {
1882 in.s_addr = addrs[i];
1883 ntoa_res =
tor_inet_ntoa(&in, answer_buf,
sizeof(answer_buf));
1884 tor_assert_nonfatal(ntoa_res >= 0);
1888 }
else if (type == DNS_IPv6_AAAA) {
1889 const struct in6_addr *addrs = addresses;
1890 for (i = 0; i < count; ++i) {
1893 sizeof(answer_buf));
1894 tor_assert_nonfatal(ip_str);
1901 "Your DNS provider gave an answer for \"%s\", which "
1902 "is not supposed to exist. Apparently they are hijacking "
1903 "DNS failures. Trying to correct for this. We've noticed %d "
1904 "possibly bad address%s so far.",
1920 struct evdns_request *req;
1923 log_info(LD_EXIT,
"Testing whether our DNS server is hijacking nonexistent "
1924 "domains with request for bogus hostname \"%s\"", addr);
1928 req = evdns_base_resolve_ipv6(
1935 req = evdns_base_resolve_ipv4(
1960 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like to "
1961 "hijack *everything*.");
1969 const char *, address) {
1971 log_info(LD_EXIT,
"eventdns rejected test address %s",
1976 log_info(LD_EXIT,
"eventdns rejected test address %s",
1979 } SMARTLIST_FOREACH_END(address);
1983 #define N_WILDCARD_CHECKS 2
1993 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like "
1994 "to hijack DNS failures.");
1995 for (ipv6 = 0; ipv6 <= 1; ++ipv6) {
1996 for (i = 0; i < N_WILDCARD_CHECKS; ++i) {
2023 static struct event *launch_event = NULL;
2036 if (evtimer_add(launch_event, &
timeout) < 0) {
2037 log_warn(
LD_BUG,
"Couldn't add timer for checking for dns hijacking");
2052 return dns_is_broken_for_ipv6;
2064 n_ipv6_requests_made = n_ipv6_timeouts = 0;
2077 dns_is_broken_for_ipv6 = 0;
2103 if (resolve->is_reverse)
2116 return HT_SIZE(&cache_root);
2121 dns_cache_total_allocation(
void)
2124 HT_MEM_USAGE(&cache_root);
2133 size_t hash_mem = dns_cache_total_allocation();
2138 tor_log(severity,
LD_MM,
"Our DNS cache has %d entries.", hash_count);
2139 tor_log(severity,
LD_MM,
"Our DNS cache size is approximately %u bytes.",
2140 (
unsigned)hash_mem);
2147 dns_cache_handle_oom(time_t now,
size_t min_remove_bytes)
2149 time_t time_inc = 0;
2150 size_t total_bytes_removed = 0;
2151 size_t current_size = dns_cache_total_allocation();
2159 time_t cutoff = now + time_inc;
2163 size_t bytes_removed = current_size - dns_cache_total_allocation();
2164 current_size -= bytes_removed;
2165 total_bytes_removed += bytes_removed;
2169 }
while (total_bytes_removed < min_remove_bytes);
2171 return total_bytes_removed;
2174 #ifdef DEBUG_DNS_CACHE
2177 assert_cache_ok_(
void)
2180 int bad_rep = HT_REP_IS_BAD_(cache_map, &cache_root);
2182 log_err(
LD_BUG,
"Bad rep type %d on dns cache hash table", bad_rep);
2186 HT_FOREACH(resolve, cache_map, &cache_root) {
2200 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2201 tor_assert(!found || found != res);
2203 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2214 return HT_FIND(cache_map, &cache_root, query);
2220 HT_INSERT(cache_map, &cache_root, new_entry);